Threat Connect 2.2.5

Threat Connect - 2.2.5

tags: python | Threat Intelligence Platform | Cyber Risk Quantification

Table of Contents

• Description
• Customer Configuration
• CDC Command Lines
• Workflows
• Rules
• Sensors
• Triggers
• Known Issues

Description

ThreatConnect is the only Platform to unite Cyber Risk Quantification (RQ), Threat Intelligence Platform (TIP) and Security Orchestration and Response (SOAR) capabilities, ThreatConnect is a decision and operational support platform that aligns the entire security lifecycle to the goal of reducing risk.

The ThreatConnect Platform delivers orchestration and automation capabilities that reduce job complexity for every stakeholder – from security executives, to risk teams, to threat intelligence experts, to security operations personnel and incident responders.

ThreatConnect is the only solution that natively combines cyber risk quantification, threat intelligence, orchestration and automation, analytics, and templated workflows relevant for all stakeholders – security and business executives, risk, threat intelligence, vulnerability, operations and response.

Integrating ThreatConnect with CyberProof Defense Centre(CDC) and injection of TC incidents as alerts in cdc with Associated Groups, Tags, Security Label, Attributes and many other fields.

Customer Configuration

No Customer Configuration

CDC Command Lines

No CDC command lines

Workflows

* **inject_tc_alert_to_cdc**
Inject Threat Connect alert to cdc using cdc async api.

* **process_yara_files**
Process Yara files.

Rules

* **cdc_new_alert_from_threatconnect**
Triggering inject new alert to CDC workflow when a new alert is created in threatconnect

Sensors

* **ThreatConnectSensor**
Sensor to pull reported incidents from Threat Connect

Poll interval - 60s

Triggers

No triggers

Known Issues